package com.cn.controller;

import com.cn.bean.Company;
import com.cn.bean.User;
import com.cn.element.PassToken;
import com.cn.element.UserLoginToken;
import com.cn.mapper.CompanyMapper;
import com.cn.mapper.UserMapper;

import com.cn.result.Result;
import com.cn.utils.CTRUtil;
import com.cn.utils.EncryptSha256Util;
import com.cn.utils.PacketSecret;
import com.cn.utils.TokenUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.*;

import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;

/**
 * @Description
 * @Author Wangbo
 * @Date 2019/11/21
 * @Version V1.0
 **/
@RestController
public class JwtController {
    //定义密钥
    String key = "xuOs0lv9Yqjj1BwE";
    //定义加密的偏移量
    String iv = "1234567890123456";

    @Autowired
    UserMapper userMapper;
    @Autowired
    CompanyMapper companyMapper;

    @PostMapping("/getCTRCode")
    public Object getCTRCode(@RequestBody User user) {
        System.out.println("企业验证：" + user.getCompanyCode());
        System.out.println("用户名称：" + user.getUsername());
        System.out.println("用户密码：" + user.getPassword());
        if(StringUtils.isEmpty(user.getCompanyCode())){
            return Result.error(501,"验证失败，企业Code不能为空");
        }
        if(StringUtils.isEmpty(user.getUsername())){
            return Result.error(501,"验证失败，用户名称不能为空");
        }
        //使用CFB加密方法进行加解密
        String username = user.getUsername()+"&"+user.getCompanyCode();
        PacketSecret secret = new PacketSecret();
        secret.setMode(new PacketSecret.CFB());
        byte[] pe = secret.packetEncrypt(username.getBytes());
        System.out.println("----密文如下:----");
        String encodeToString = Base64.getEncoder().encodeToString(pe);
        System.out.println(encodeToString);
        return Result.ok().put("data", encodeToString);
    }
    @PostMapping("/login")
    public Object login(@RequestBody User user) {
        System.out.println("用户名称：" + user.getUsername());
        System.out.println("用户密码：" + user.getPassword());
        if(StringUtils.isEmpty(user.getEncrypetInfo())){
            return Result.error(501,"验证失败，加密数据不能为空");
        }
        if(StringUtils.isEmpty(user.getPassword())){
            return Result.error(501,"验证失败，密码不能为空");
        }
        //用户名解密
        //String username = CTRUtil.decryptCRT(user.getUsername(),key,iv);
        PacketSecret secret = new PacketSecret();
        secret.setMode(new PacketSecret.CFB());
        System.out.println("----解密后如下:----");
        byte[] decode = Base64.getDecoder().decode(user.getUsername());
        String encrypetinfo = new String(secret.packetDecrypt(decode), StandardCharsets.UTF_8);
        System.out.println(encrypetinfo);
        if(encrypetinfo.split("&").length < 2){
            return Result.error("验证失败，参数数量错误");
        }
        String userNameId = encrypetinfo.split("&")[0];
        String companyCode = encrypetinfo.split("&")[1];
        Company companyFromBase = companyMapper.findCompanyByCode(companyCode);
        if (companyFromBase == null) {
            return Result.error(501,"验证失败，企业不存在");
        } else {
            User userFromBase = userMapper.findUserByNameAndCode(userNameId,companyCode);
            if (userFromBase == null) {
                return Result.error(501,"验证失败，用户不存在");
            }else{
                if(!EncryptSha256Util.getSha256Str(user.getPassword()).equals(userFromBase.getUserPassword())){
                    System.out.println("用户加密密码：" + EncryptSha256Util.getSha256Str(user.getPassword()));
                    return Result.error(501,"验证失败，密码错误请重试");
                }
                if(userFromBase.getUserLock() != 0){
                    return Result.error(501,"验证失败，用户已锁定");
                }
            }
            return Result.ok();
        }
    }
}
